By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,925 Members | 727 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,925 IT Pros & Developers. It's quick & easy.

Access 2002 Security on multiple workstations

P: n/a
I am trying to learn on the fly about Access Security for an app we are
developing. I realize Access security is an advanced subject with many
details. I wanted to share a scenario and ask a couple of questions.

Scenario:
I have MyApp.MDB up on a file server.
I also have two Client PC's: Client1 and Client2 who use MyApp.
(Both Client's are running Access 2002)

On Client1's PC:
In MSAccess I have set up 7 users across four groups:
Level1, Level2, Level3 & Level4.
Level1 users have the most authority in the app, then down to level 4's
who can only click on report icons on forms and run the reports, which
are based on queires as data sources. I have tried setting up
permissions on the users on Client 1's PC. One of the permissions is
blocking the security form that allows them to update the tblSecurity
object in the app.
This works on the app.

Client2's PC does not have any users set up.
So when I launch the same "MyApp.mdb" on Client2's PC, the application
comes up with no prompting for a user id and password and all parts of
the app can be accessed by anyone.

This leads me to believe that I have to set up groups and users ...*on
each PC!!* Am I reading this whole process correctly here?

Another wierd thing happened on client1's PC where I originally set up
the groups/users/passwords:
I launched an old Access 2000 app that I used for testing. It only had
one table and one form in it, used for practice. This old app had
absolutely no security stuff in it at all. So when I double clicked
it, Access asked for a userid and password!
ok...then I launched that same old little test app on Client2's PC and
it ran just fine, with no prompting for id's/passwords.

So I conclude that if I set up groups/users on the workstations of all
7 original users, those seven original users will have to enter a
userid/pass not only for the current app I'm writing for them (which
needs security) but also for **all** of the older apps they want to run
(which never required security)
....this could be a problem!

Finally, my question:
How can I set up security *only for one app*, but yet allow other older
..mdb's to run without them being prompted for a user/pass?

Thanks for your input/advice/feedback.

Nov 13 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
TechBoy wrote:
I am trying to learn on the fly about Access Security for an app we
are developing. I realize Access security is an advanced subject
with many details. I wanted to share a scenario and ask a couple of
questions.

Scenario:
I have MyApp.MDB up on a file server.
I also have two Client PC's: Client1 and Client2 who use MyApp.
(Both Client's are running Access 2002)

On Client1's PC:
In MSAccess I have set up 7 users across four groups:
Level1, Level2, Level3 & Level4.
Level1 users have the most authority in the app, then down to level
4's who can only click on report icons on forms and run the reports,
which are based on queires as data sources. I have tried setting up
permissions on the users on Client 1's PC. One of the permissions is
blocking the security form that allows them to update the tblSecurity
object in the app.
This works on the app.

Client2's PC does not have any users set up.
So when I launch the same "MyApp.mdb" on Client2's PC, the application
comes up with no prompting for a user id and password and all parts of
the app can be accessed by anyone.

This leads me to believe that I have to set up groups and users ...*on
each PC!!* Am I reading this whole process correctly here?

Another wierd thing happened on client1's PC where I originally set up
the groups/users/passwords:
I launched an old Access 2000 app that I used for testing. It only
had one table and one form in it, used for practice. This old app had
absolutely no security stuff in it at all. So when I double clicked
it, Access asked for a userid and password!
ok...then I launched that same old little test app on Client2's PC and
it ran just fine, with no prompting for id's/passwords.

So I conclude that if I set up groups/users on the workstations of all
7 original users, those seven original users will have to enter a
userid/pass not only for the current app I'm writing for them (which
needs security) but also for **all** of the older apps they want to
run (which never required security)
...this could be a problem!

Finally, my question:
How can I set up security *only for one app*, but yet allow other
older .mdb's to run without them being prompted for a user/pass?

Thanks for your input/advice/feedback.


You did not apply security properly. When done properly all users have to
use the SAME workgroup (the one you used to apply security) or they don't
get in the file at all (makes sense right?). The single most important step
after "thinking" you've applied security is to try to open the file using
the wrong workgroup and make sure you cannot get in.

You need to start over with the proper security FAQ documents and follow all
the step by step instructions exactly or you're just wasting your time.

--
I don't check the Email account attached
to this message. Send instead to...
RBrandt at Hunter dot com

Nov 13 '05 #2

P: n/a
Br
TechBoy <rl**********@yahoo.com> wrote:
I am trying to learn on the fly about Access Security for an app we
are developing. I realize Access security is an advanced subject
with many details. I wanted to share a scenario and ask a couple of
questions.

Scenario:
I have MyApp.MDB up on a file server.
I also have two Client PC's: Client1 and Client2 who use MyApp.
(Both Client's are running Access 2002)
Best to put the front-end database on each PC and leave the back-end
database on the file server..... (split your database).
On Client1's PC:
In MSAccess I have set up 7 users across four groups:
Level1, Level2, Level3 & Level4.
Level1 users have the most authority in the app, then down to level
4's who can only click on report icons on forms and run the reports,
which are based on queires as data sources. I have tried setting up
permissions on the users on Client 1's PC. One of the permissions is
blocking the security form that allows them to update the tblSecurity
object in the app.
This works on the app.

Client2's PC does not have any users set up.
So when I launch the same "MyApp.mdb" on Client2's PC, the application
comes up with no prompting for a user id and password and all parts of
the app can be accessed by anyone.

This leads me to believe that I have to set up groups and users ...*on
each PC!!* Am I reading this whole process correctly here?

Another wierd thing happened on client1's PC where I originally set up
the groups/users/passwords:
I launched an old Access 2000 app that I used for testing. It only
had one table and one form in it, used for practice. This old app had
absolutely no security stuff in it at all. So when I double clicked
it, Access asked for a userid and password!
Yes, because you've changed the default workgroup being used by Access.
You'd need to change it back to system.mdw. Or, even worse you've
actually changed system.mdw which is a BIG no-no!
ok...then I launched that same old little test app on Client2's PC and
it ran just fine, with no prompting for id's/passwords.

So I conclude that if I set up groups/users on the workstations of all
7 original users, those seven original users will have to enter a
userid/pass not only for the current app I'm writing for them (which
needs security) but also for **all** of the older apps they want to
run (which never required security)
...this could be a problem!
I think you've got several problems:) You need to create a new workgroup
and put it on your file server for everyone to share. Then, create a
shortcut to call up your database and in the shortcut pass the workgroup
file you want to use (instead of changing the default which will effect
all databases).

eg. shortcut.

"C:\Program Files\Microsoft Office 2000\Office\MSACCESS.EXE"
"C:\folder\FrontEnd.mdb" /wrkgrp "F:\shreadfolder\MyNewWorkgroup.mdw"

For more information :

Overview of securing a database:
http://support.microsoft.com/kb/254372/EN-US/

The role of workgroup files:
http://support.microsoft.com/kb/305541/EN-US/
(note: the location of the workgroup administrator has changed in later
versions... look in your office folder for it).

How to share a securied database on a network
http://support.microsoft.com/default...b;en-us;232390

Access2003 security white paper:
http://www.microsoft.com/technet/pro.../o3secdet.mspx
Finally, my question:
How can I set up security *only for one app*, but yet allow other
older .mdb's to run without them being prompted for a user/pass?


See above....

Just remember: Never touch the default system.mdw. Always create a new
one through the workgroup administrator and call it something else (eg.
myapp.mdw).
--
regards,

Bradley

A Christian Response
http://www.pastornet.net.au/response
Nov 13 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.